Lucene search
K
PacketstormnewsRecent

6803 matches found

Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•9 views

Secure WebSocket Upgrade Handler Auditor for HTTP/HTTPS Services

This Python tool implements a concurrent network auditing framework focused on testing HTTP Upgrade handling behavior, especially WebSocket upgrade negotiation. It connects directly to target servers over TCP or TLS, sends crafted upgrade requests, parses raw HTTP responses, and reports whether t...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•17 views

ProjeQtor 12.4.3 SQL Injection Validator for Login Endpoints

This Python script is a defensive validation tool designed to identify potential SQL injection indicators in login functionality without modifying database contents or attempting exploitation...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•11 views

Exploiting Logic Asymmetry in Modern Web Application Firewalls

This research whitepaper demonstrates that even the most modern WAFs remain vulnerable to attacks exploiting logic asymmetry in HTTP protocol processing. Real-world testing on a Weaver Ecology OA system achieved a 100% bypass rate 40/40 test cases, confirming the critical severity of this...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•16 views

The Human Vulnerabilities and Exploits (HVE) Framework

The cybersecurity community has invested over two decades in building standardized frameworks, the Common Vulnerabilities and Exposures CVE system, the Common Vulnerability Scoring System CVSS, and the Common Weakness Enumeration CWE to identify, classify, and remediate threats to digital...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•8 views

Secrets Best Not Shared: DNS Privacy Enhancements for the Constrained IoT

Attackers often identify DNS traffic to disrupt or compromise Internet services. While prior work has focused on encrypting queries using DNS over TLS, HTTPS, or QUIC to counter such attacks, we consider IETF protocols designed for resource-constrained IoT devices and empirically analyze the...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•11 views

Multi-Domain Check Point IKEv2 Mitigation Script for CVE-2026-50751

A Check Point MDS administrative automation script that iterates through all configured management domains and updates Remote Access VPN global properties to enforce IKEv2-only encryption. The script publishes the resulting configuration changes and is intended as a mitigation measure rather than...

9.3CVSS5.8AI score0.70099EPSS
Exploits5
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•10 views

Now You (Still) See Me: Detecting Evasive Steganographic Payloads in LLMs

Large language models can be fine-tuned to encode prompt-borne secrets into fluent, seemingly benign outputs. This creates a steganographic exfiltration risk that is difficult to detect with output-level steganalysis. Recent work proposes mechanistic detection using linear probes that recover the...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•11 views

The Chronicles of Radio Frequency Fingerprinting

Radio Frequency Fingerprinting RFF has evolved from an early idea for radar emitter identification into a broad research field for wireless device identification and spectrum monitoring for security. Rather than presenting a conventional literature survey, this work provides a critical historical...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•13 views

Wazuh 4.14.2 Security Scanner

This Python script is a non-exploitative security scanner designed to test basic responsiveness and message handling behavior of a Wazuh cluster communication endpoint...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•10 views

Revive Adserver 6.0.6 Security Auditor

This script is a defensive security auditing utility designed to identify exposed services, review configuration weaknesses, and collect security posture information from a Revive Adserver deployment without performing direct exploitation...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•20 views

Customization under Fire: Plugin Poisoning in Text-To-Image Ecosystem

The prosperity of text-to-image T2I models has fostered a vibrant share-and-play ecosystem centered on Low-Rank Adaptation LoRA plugins, which allow users to customize and share model capabilities with ease. This democratization, however, comes with a hidden but severe security risk. Malicious...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•13 views

RadKey: An LLM-Guided RF Backscatter System for Through-Wall Keystroke Inference

In today's digitally connected world, keyboards remain the primary interface for inputting sensitive information, making them a persistent target for eavesdropping attacks. While prior keystroke inference techniques have exploited side-channel signals such as acoustics and vibrations, they...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•9 views

Hardware-Aware QAOA for Honeypot Traffic Partitioning on 100+ Qubit IBM Quantum Processors

Denial-of-service DoS and distributed denial-of-service DDoS mitigation requires separating malicious traffic from benign traffic while minimizing disruption to legitimate users. Prior work proposed mapping honeypot traffic partitioning to a weighted MaxCut problem and solving the resulting graph...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•8 views

RECON: An LLM-Enhanced Backward Constraint Analysis Framework

While traditional techniques, such as symbolic execution, provide a principled foundation for precise constraint reasoning in program analysis, they struggle to scale to modern software systems mainly due to path explosion, the need for function modeling, and the loss of semantic intent at...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•17 views

UniFi OS Server Unauthenticated Remote Code Execution Chain Detection Script

This tool is a safe detector for the unauthenticated remote code execution chain in UniFi OS Server versions 5.0.6 and below, as disclosed in Ubiquiti Security Advisory Bulletin 064...

10CVSS6.3AI score0.02452EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•12 views

Model Poisoning against Federated Model Adaptation with Chain of Bit-Flips

Federated Learning FL allows a set of clients to collectively train a global model without sharing local training data. Giving the responsibility of the training to decentralized actors may lead to poisoning attacks: clients controlled by malicious third party potentially poison the training...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•12 views

Windows Notepad WebDAV UNC Reference Markdown File Generator

This Metasploit auxiliary module is a file-format generation tool intended for security testing of a CVE-2026-20841 related to Windows Notepad Markdown handling. It produces a Markdown file containing a UNC WebDAV-style path embedded as a clickable link for behavioral analysis...

7.8CVSS5.8AI score0.1165EPSS
Exploits9
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•11 views

Windows 11 Hardening Auditor for WinRE and BitLocker

This Python-based Windows security utility performs defensive auditing and mitigation tasks focused on Windows Recovery Environment WinRE and CVE-2026-45585, BitLocker protection policies, Secure Boot, TPM configuration, and boot-time execution integrity on Windows 11 systems...

6.8CVSS6.1AI score0.01249EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•11 views

Security-First Approach to API Pipeline Development with Zero-Trust Architecture

Modern enterprises face an accelerating onslaught of API-targeted threats amid a rapidly expanding attack surface. Record volumes of software vulnerabilities continue to accelerate dramatically, with 28,818 CVEs disclosed in 2023 a 38% jump from 2022 and 40,009 CVEs in 2024 another 38% increase,...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/08 12:0 a.m.•8 views

AI Assurance in UK Defence: Challenges in Operationalising JSP 936

This report examines practical challenges in operationalising JSP 936 Part 1 for AI assurance in UK Defence. Using a structured interpretive review of the directive's requirements, the analysis identifies eight thematic challenge areas adequacy of evidence and argument, management of human...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/07 12:0 a.m.•20 views

Data Agents under Attack: Vulnerabilities in LLM-Driven Analytical Systems

Data agents integrate LLM-driven reasoning with relational data access, executable analytical tools, and multi-step workflow orchestration, making them increasingly central to enterprise analytics. This integration introduces new security vulnerabilities across data resources, database execution,...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/07 12:0 a.m.•8 views

AutoSUT: The Environment Semantics Gap in Structured CTI for Adversary Emulation

Structured Cyber Threat Intelligence CTI is increasingly used for adversary emulation, detection evaluation, and cyber range design. However, these workflows still require a target System Under Test SUT whose environment is not fully described by public CTI. We measure how much of that environmen...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/07 12:0 a.m.•25 views

NCMD: Benign-Anchored Feature Selection for Imbalanced Network Intrusion Detection

Feature selection is critical for network intrusion detection systems NIDS operating under high-dimensional, highly imbalanced traffic, as found in operational and defense networks. Traditional filter methods rank features using global statistics computed symmetrically across classes and thus fai...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/07 12:0 a.m.•9 views

Hardening Agent Benchmarks with Adversarial Hacker-Fixer Loops

Agent benchmarks score submissions with outcome verifiers that are typically hand-written and brittle, leaving them open to reward hacking. We audit 1,968 tasks across five terminal-agent benchmarks and find 323 16% hackable by frontier models given only the task description. This corrupts both...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/07 12:0 a.m.•8 views

GitInject: Real-World Prompt Injection Attacks in AI-Powered CI/CD Pipelines

AI-powered agents are increasingly embedded in continuous integration and continuous delivery/deployment CI/CD pipelines to autonomously review pull requests PRs, triage issues, and maintain codebases. These agents ingest untrusted content while operating with elevated repository permissions,...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/06 12:0 a.m.•28 views

An AI Security Agent for University ACMIS: Multi-Vector Threat Detection and Automated Response

University Academic Management Information Systems ACMIS are high-value targets for a wide spectrum of security threats including brute-force login attacks, payment fraud, privilege escalation, insider data theft, and academic integrity violations. Traditional rule-based intrusion detection syste...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/06 12:0 a.m.•9 views

ARTA: Adaptive Reinforcement-Learning-Based Throttling Agent for RowHammer Vulnerabilities

RowHammer vulnerability continues to intensify with DRAM scaling, reducing the activation threshold needed to induce bitflips and rendering existing defenses such as TRR, ECC, and refresh-based mechanisms vulnerable to sophisticated multi-bank hammering patterns. This work presents ARTA, a...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/06 12:0 a.m.•20 views

Closing the Sim-To-Real Gap: An Evaluation Framework for Autonomous Cyber Defense Configuration of Commercial EDR

Leading commercial endpoint detection and response EDR products have shifted from operator-configured rule sets to multi-component systems where autonomous AI components operate alongside, and increasingly in place of, operator-deployed policies. Autonomous defense agents using commercial EDR as...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/06 12:0 a.m.•11 views

Hiding in Plain Floats: Steganographic Carriers for Indirect Prompt and Content Injection

Text-centered prompt-injection defenses assume that the malicious signal is visible in one of the inspected text views. We study a reproducible LLM01-style indirect prompt/content-injection failure mode where that assumption breaks: a payload caught in plain English slips past the same detector...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•15 views

ClickFix Server Creation

This Metasploit module creates a web server which hosts a ClickFix type exploit. When a user visits the site they are given instructions on pasting our payload into a run dialog. When using a custom html page, please use INSERTPAYLOADHERE as the spot to put the generated payload in...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•25 views

Rethinking IoT Intrusion Detection: Augmenting Routing Metrics with Radio Features

Machine learning-based intrusion detection systems IDS for RPL-based IoT networks often rely solely on routing layer features, which provide only a partial view of network behaviour. In this work, we investigate whether incorporating Transmit TX and Receive RX radio features alongside the standar...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•11 views

The Sound of Malware: A Memory Forensics Approach for Android Malware Analysis Via Audio Signals

Android malware analysis is currently facing increasing challenges in achieving robust classification and detecting stealth attacks. Modern threats employ advanced evasion strategies such as code obfuscation, dynamic loading, packing, and even steganographic manipulation of traditional static and...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•10 views

Synthetic APTs: The Collapse of TTP-Based Attribution

Cyber Threat Intelligence CTI attribution relies on identifying the Tactics, Techniques, and Procedures TTPs that distinguish one threat actor from another. This approach presupposes that each adversary leaves a recognizable operational fingerprint. This work investigates whether AI driven...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•8 views

POISE: Position-Aware Undetectable Skill Injection on LLM Agents

Agent skills provide a lightweight mechanism for extending general-purpose agents, but their open format exposes them to skill-poisoning attacks. A practically dangerous injection must stay invisible: if executing the payload derails the user's legitimate task, the resulting failure signal invite...

5.7AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•25 views

MOLOT System Card: Malicious Operational Logic Observation Transformer

MOLOT Malicious Operational Logic Observation Transformer is a static malicious-code detection system designed for SAST setup where package metadata, maintainer history, and dynamic execution traces may be unavailable or unreliable. The system represents source code as behavior sequences derived...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•23 views

MalSkillBench: A Runtime-Verified Benchmark of Malicious Agent Skills

AI coding agents such as Claude Code and Gemini CLI increasingly extend themselves with third-party skills: markdown packages bundling natural-language instructions, executable scripts, and tool permissions. Because a skill is at once code and agent-facing instruction, it introduces a supply chai...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•8 views

Lost in Migration: Exposing Android Framework Vulnerabilities in Parallel Java-Kotlin Implementations

Android has adopted Kotlin alongside Java across apps and core system components. During this shift, we observe parallel implementations in the Android Open Source Project AOSP where the same component is implemented in both Java and Kotlin. In principle, their functional purposes are identical. ...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•9 views

ScaleDisturb: Exploiting Temporal Asymmetry to Amplify Read Disturbance in Modern DRAM Chips

DRAM suffers from read disturbance phenomena e.g., RowHammer and RowPress, where repeatedly accessing or continuously keeping open a DRAM row aggressor row induces bitflips in other physically nearby unaccessed rows victim rows. The disturbance mechanism is practically exploitable from the softwa...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•10 views

Demand-Driven Vulnerability Detection for Cloud Security Posture Management: Removing Human Rule Authoring from the Disclosure-To-Protection Critical Path

Cloud Security Posture Management CSPM systems detect known vulnerabilities by maintaining a rule set, distributing it to customers, and evaluating it against periodically-collected asset inventories. To our knowledge, in publicly documented architectures the rule set is environment-agnostic and...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•23 views

Revive Adserver 6.0.6 XSS / SQL Injection / Code Injection

Revive Adserver versions 6.0.6 and below suffer from access control, code injection, cross site scripting, and remote SQL injection vulnerabilities...

5.4CVSS5.6AI score0.00499EPSS
Exploits3
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•32 views

RecurGuard: Runtime Monitoring for Reasoning-Token Consumption Attacks

Reasoning-capable large language models can be induced to spend their generation budget on injected decoy tasks rather than answering the user's question, causing denial of service when no final answer is produced and denial of wallet when excess output tokens are billed. Input-side safety...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•15 views

FIFOFox: Windows Named-Pipe Security Auditor and Fuzzer

FIFOFox is a Windows named-pipe security assessment tool for identifying weak pipe permissions, pipe-squatting exposure, and named-pipe impersonation attack paths. It combines passive auditing with authorized active testing, including fuzzing and interception-style capture, to help defenders find...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•9 views

Ternary Public-Key Cryptosystem

Public-key cryptosystems eliminate the requirement for pre-shared secret keys by enabling encryption with a publicly disclosed key and decryption with a corresponding private key. In this article we generalize the public-key cryptosystems to ternary algebraic structures, with particular attention...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•10 views

FDM: A Framework for Decision-Making to Build ML-Based Malware Detection Systems

Selecting appropriate machine learning ML configurations for malware detection is a complex, multi-criteria problem. Model choice, feature engineering, and update mechanisms must jointly satisfy operational constraints that vary across deployment contexts. This paper proposes the Framework for...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•10 views

Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting

Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders them in its web interface without HTML-encoding, resulting in persistent cross site scripting. An attacker who gets a file with a malicious tag into...

7.2CVSS4.3AI score0.00197EPSS
Exploits2
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•20 views

Beyond Pass/Fail: Using Process Mining to Understand How LLMs Resist (And Fail) Red Team Attacks

Standard AI red teaming evaluations reduce adversarial campaigns to a single binary outcome, attack success rate ASR, not taking into account the sequential structure of how models resist or yield to attacks. We propose applying process mining, a discipline for discovering and analyzing process...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•10 views

Empirical Evaluation of Large Language Models for Migration of Code Fragments to Post-Quantum Cryptography

The transition to post-quantum cryptography PQC requires not only replacing vulnerable cryptographic primitives, but also refactoring the surrounding software logic. While existing PQC migration frameworks provide organizational guidance, practical code-level remediation remains largely manual an...

5.6AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/05 12:0 a.m.•13 views

Drupal Core SQL Injection Scanner

CVE-2026-9082 is a remote SQL Injection vulnerability in Drupal Core's database abstraction layer. It affects only sites using PostgreSQL as the database backend. This code simply checks to see if vulnerability endpoints exist and reports back. It is not an exploit...

9.8CVSS6.3AI score0.84631EPSS
Exploits14
Packet Storm News
Packet Storm News
•added 2026/06/04 12:0 a.m.•18 views

Cognitive Threat Intelligence and Explainable Federated Security Analytics for Distributed Infrastructure Systems

The increasing adoption of distributed infrastructure systems, cloud computing, Internet of Things IoT technologies, and edge-based architectures has significantly expanded the cybersecurity attack surface and introduced increasingly sophisticated cyber threats. Conventional centralized intrusion...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
•added 2026/06/04 12:0 a.m.•9 views

Joern 4.0.554

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Total number of security vulnerabilities6803